Nmap Development mailing list archives

Re: nmap-dev Digest, Vol 41, Issue 20


From: kanu sohal <kanu.sohal () yahoo com>
Date: Fri, 15 Aug 2008 05:25:01 -0700 (PDT)

Can you please send me a link for downloading email cracker v2.4?

--- On Fri, 8/15/08, nmap-dev-request () insecure org <nmap-dev-request () insecure org> wrote:

From: nmap-dev-request () insecure org <nmap-dev-request () insecure org>
Subject: nmap-dev Digest, Vol 41, Issue 20
To: nmap-dev () insecure org
Date: Friday, August 15, 2008, 3:48 AM

Send nmap-dev mailing list submissions to
        nmap-dev () insecure org

To subscribe or unsubscribe via the World Wide Web, visit
        http://cgi.insecure.org/mailman/listinfo/nmap-dev
or, via email, send a message with subject or body 'help' to
        nmap-dev-request () insecure org

You can reach the person managing the list at
        nmap-dev-owner () insecure org

When replying, please edit your Subject line so it is more specific
than "Re: Contents of nmap-dev digest..."


Today's Topics:

   1. Re: side-by-side config issue (Brandon Enright)
   2. Re: side-by-side config issue (Brandon Enright)
   3. Re: BHDC08 Version of Nmap/Zenmap (David Fifield)
   4. Re: Help needed for Zenmap Profile Editor (Jurand Nogiec)
   5. Re: [RFC] [NSE] DNS library (jah)
   6. Re: NMAP scripts (jah)
   7. Re: Nmap summarizing function results in not all ports being
      displayed (Fyodor)
   8. Re: NMAP scripts (eldraco)


----------------------------------------------------------------------

Message: 1
Date: Fri, 15 Aug 2008 00:00:20 +0000
From: Brandon Enright <bmenrigh () ucsd edu>
Subject: Re: side-by-side config issue
To: Marc-André Turcotte <matmat07 () hotmail com>
Cc: nmap-dev () insecure org, bmenrigh () ucsd edu
Message-ID: <20080815000020.18eeb583@gamma>
Content-Type: text/plain; charset=UTF-8

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi there, comments inline.

On Thu, 14 Aug 2008 19:43:14 -0400
Marc-André Turcotte <matmat07 () hotmail com> wrote:

> I tried to install the windows binaries 4.68 version on vista home
> premium 64x and I get this error when trying to run nmap.exe
> (translated from french to english):
>
> This application couldn't start
> because its side-by-side configuration is incorrect.

This is the %windir%\WinSxS directory and is supposed to be Microsoft's
"solution" to "DLL hell".  Sounds like you might have the wrong version
of some 32-bit DLL.

> For more information, look at the application event journal.

This would be the Windows Event Log (eventvwr.msc).  Can you dig into
the event log error and give us that information?

> From what I read on the internet, it seems to be a problem from
> visual basic which I should get rid of by installing
> VCRedist_x86.exe (it seems it was in the nmap installation file, but
> for an unknown reason, this file does not get copied). I took the
> latest one from the microsoft website and installed it with no
> problem, but it still doesn't work, even after restarting my
> laptop.

I'd also be interested in the output of Dependency Walker when
run against nmap.exe.  You can grab a copy here:

http://www.dependencywalker.com/

Of particular interest are missing DLLs but unbound and unresolved
imports are also useful.

> Marc-André Turcotte

Thanks for the report.  Maybe someone with more Vista x86_64 knowledge
will chime in with anything else.

Brandon

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)

iEYEARECAAYFAkikxxsACgkQqaGPzAsl94LrbACfZt+MGPs12pe9cf93mDlwIl87
X2EAn00uGOX/KjEHbXHEQvzTp6YMWrja
=VEOh
-----END PGP SIGNATURE-----

------------------------------

Message: 2
Date: Fri, 15 Aug 2008 00:43:59 +0000
From: Brandon Enright <bmenrigh () ucsd edu>
Subject: Re: side-by-side config issue
To: <nmap-dev () insecure org>
Cc: Marc-André Turcotte <matmat07 () hotmail com>, bmenrigh () ucsd edu
Message-ID: <20080815004359.04d7b471@gamma>
Content-Type: text/plain; charset=UTF-8

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Marc-André got back to me with output so I'll re-post some of the info
here.

On Fri, 15 Aug 2008 00:00:20 +0000
Brandon Enright <bmenrigh () ucsd edu> wrote:
> ....snip...
>
> This would be the Windows Event Log (eventvwr.msc).  Can you dig into
> the event log error and give us that information?

The (translated from French) event log error is:
The creation of the activation context failed for C:\Program Files
(x86)\Nmap\nmap.exe . Dependant assembly
Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"
cannot be found. Use sxstrace.exe for an advanced diagnostic.

> ....snip...
> I'd also be interested in the output of Dependency Walker when
> run against nmap.exe.  You can grab a copy here:
>
> http://www.dependencywalker.com/
>
> Of particular interest are missing DLLs but unbound and unresolved
> imports are also useful.


The output of depends.exe is rather large (2.5 megs) so rather than
attach it, I've uploaded it here:
http://noh.ucsd.edu/~bmenrigh/nmap_vista64.dwi

I don't have a working Windows box to load the output up in right now
but I suspect it will show the missing VC90 runtime DLL.  Does anyone
happen to know if the standard runtime installer will work for Vista64?

Brandon

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)

iEYEARECAAYFAkik0VUACgkQqaGPzAsl94KJmACfV2hqBj1d1tzDgslUhoyY4vq2
BssAoJ6c0z/n7kTj1ZQwHk7Nj2gSJzrW
=9KXz
-----END PGP SIGNATURE-----
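The event-log text in message 2 names the exact assembly identity the loader could not resolve, which is the most useful thing to have when chasing a side-by-side error. As an added illustration (my own code, not anything from the thread or from Nmap), the following Python parses that identity out of the event-log text and checks it against a list of WinSxS directory names, classifying the failure as resolved, version mismatch, architecture mismatch or missing. The identity string is the one message 2 quotes; the directory names and their hash suffixes are constructed, and the `<arch>_<name>_<publicKeyToken>_<version>_<culture>_<hash>` layout is an assumption about how WinSxS names its directories. The architecture case matters on a 64-bit box: an amd64 copy of the VC90 CRT does not satisfy the 32-bit nmap.exe, which asks for processorArchitecture="x86".

```python
import re

# Event-log text quoted in message 2 of the digest (the identity string is
# the one the thread reports).
EVENT_TEXT = (
    'The creation of the activation context failed for C:\\Program Files '
    '(x86)\\Nmap\\nmap.exe . Dependant assembly '
    'Microsoft.VC90.CRT,processorArchitecture="x86",'
    'publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" '
    'cannot be found. Use sxstrace.exe for an advanced diagnostic.'
)

# Constructed WinSxS directory names (hash suffixes are made up). Assumed
# naming layout: <arch>_<name>_<publicKeyToken>_<version>_<culture>_<hash>.
INSTALLED_DIRS = [
    "amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.21022.8_none_0000000000000001",
    "x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.1_none_0000000000000002",
    "x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.762_none_0000000000000003",
]

# "assembly <name>,key="value",key="value"..." as it appears in the event text
IDENTITY_RE = re.compile(r'assembly\s+([A-Za-z0-9.\-]+)((?:,\w+="[^"]*")+)')


def parse_identity(text):
    """Extract the assembly identity (name plus key="value" attributes)
    from an SxS activation-context error message. Returns None if absent."""
    m = IDENTITY_RE.search(text)
    if not m:
        return None
    ident = {"name": m.group(1)}
    for key, val in re.findall(r'(\w+)="([^"]*)"', m.group(2)):
        ident[key] = val
    return ident


def parse_sxs_dirname(dirname):
    """Split a WinSxS directory name into its identity fields (assumed layout)."""
    parts = dirname.lower().split("_")
    if len(parts) < 4:
        return None
    return {"arch": parts[0], "name": parts[1], "token": parts[2], "version": parts[3]}


def find_matches(ident, dirnames, ignore_version=False):
    """Return the directories whose identity satisfies `ident`. With
    ignore_version=True, same-name/arch/token entries of any version count,
    which tells you whether only the version is off."""
    hits = []
    for d in dirnames:
        p = parse_sxs_dirname(d)
        if p is None:
            continue
        same = (p["arch"] == ident["processorArchitecture"].lower()
                and p["name"] == ident["name"].lower()
                and p["token"] == ident["publicKeyToken"].lower())
        if same and (ignore_version or p["version"] == ident["version"]):
            hits.append(d)
    return hits


def diagnose(text, dirnames):
    """Classify the failure described by an event-log message as
    'resolved', 'version-mismatch', 'arch-mismatch', 'missing' or 'unparsed'."""
    ident = parse_identity(text)
    if ident is None:
        return "unparsed"
    if find_matches(ident, dirnames):
        return "resolved"
    if find_matches(ident, dirnames, ignore_version=True):
        return "version-mismatch"
    # Same assembly and version present, but built for another architecture
    # (the amd64 CRT on a 64-bit box does not help a 32-bit nmap.exe).
    for d in dirnames:
        p = parse_sxs_dirname(d)
        if p and p["name"] == ident["name"].lower() and p["version"] == ident["version"]:
            return "arch-mismatch"
    return "missing"


if __name__ == "__main__":
    print(parse_identity(EVENT_TEXT))
    print(diagnose(EVENT_TEXT, INSTALLED_DIRS))
```

On a real machine you would feed `diagnose` the text of the SideBySide event and the entries of `os.listdir(r"C:\Windows\WinSxS")`; the classification then says whether the fix is a runtime install, a different runtime version, or the x86 (not x64) redistributable.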

------------------------------

Message: 3
Date: Thu, 14 Aug 2008 19:35:38 -0600
From: David Fifield <david () bamsoftware com>
Subject: Re: BHDC08 Version of Nmap/Zenmap
To: InfoSecSurvivor <infosecsurvivor () gmail com>
Cc: nmap-dev () insecure org
Message-ID: <20080815013537.GA6974@gusto>
Content-Type: text/plain; charset=us-ascii

On Thu, Aug 14, 2008 at 02:03:59PM -0700, InfoSecSurvivor wrote:
> Hello.  I have been using MacPorts to attempt to compile this thing.
> Pango is installed, cairo is installed.  Pycairo is installed (thought
> that could be it.)  Is it possible I need pango-devel?  Or, is there a
> variant... Command-line option or something I need to specify to force
> pangocairo to build?

Installing py25-gtk and py25-sqlite3 should bring in everything you
need. It's possible you have Pango installed but not the Python
bindings.

David Fifield


------------------------------

Message: 4
Date: Thu, 14 Aug 2008 20:45:42 -0500
From: Jurand Nogiec <jurand () gmail com>
Subject: Re: Help needed for Zenmap Profile Editor
To: nmap-dev () insecure org
Message-ID: <48A4DFC6.4010506 () gmail com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed

David Fifield and I have completed the profile_editor.xml Context Help
System texts. I would appreciate it if any of you who notice something
amiss in the information held within the file would report it to this
list, and I would appreciate it even more if you could help proofread
this document and reply to this message.

Cheers,
Jurand Nogiec
www.Jurand.net


------------------------------

Message: 5
Date: Fri, 15 Aug 2008 04:09:42 +0100
From: jah <jah () zadkiel plus com>
Subject: Re: [RFC] [NSE] DNS library
To: Philip Pickering <pgpickering () gmail com>
Cc: Nmap Dev <nmap-dev () insecure org>
Message-ID: <48A4F376.6000307 () zadkiel plus com>
Content-Type: text/plain; charset="iso-8859-1"

Hi Philip,

I've had a chance to look a little at your DNS library.  Great Job!

I've been updating ASN.nse (which in its current incarnation is a bit
pants) to make use of it and so I've only made use of query() and
reverse() so far, but it works fine for me.
Of course, I've made use of system-dns from your patch which is exactly
what ASN needs and, again, that works lovely.

ASN needs a PTR style TXT query and I've noticed that I only ever get a
single answer even if there are more.  Perhaps query() could return a
table of strings as its first return value when there are more than one
answer?

I've attached a patch for reverse which should handle IPv6 nibbles
[RFC3596 style].  The patch would make dns.lua dependent upon the
version of ipOps I recently posted [1] because it requires an IPv6
address to be fully expanded (and then zero padded) to get 32 parts.
I've tested reverse() to confirm that it produces the string it's
supposed to, but at this point, I've not had a single answer whilst
using it - either from ASN's TXT queries or from general PTR queries.
I'm guessing I just haven't found a dns server that wants to play with
me, but there's always the possibility I've misunderstood or missed
something.  The patch is for the version of dns.lua you posted to this list.

Finally, I think it might be useful to return an error string in those
cases where a number is returned.  If I'm reading it right, one would
have to pairs( dns.err ) to find a string to match the error number. 
Maybe you've a reason for it and maybe I'm being really lazy...

Cheers,

jah

[1] http://seclists.org/nmap-dev/2008/q3/0226.html

-------------- next part --------------
A non-text attachment was scrubbed...
Name: dns.lua.patch
Type: text/x-patch
Size: 1498 bytes
Desc: not available
URL:
<http://cgi.insecure.org/mailman/private/nmap-dev/attachments/20080815/895db085/attachment.bin>
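jah's patch for reverse() is an attachment the archive scrubbed, so here is the name construction the message describes, as an added example in Python (my own code, not the dns.lua patch or Nmap's DNS library): an IPv6 address is fully expanded and zero padded to 32 nibbles, the nibbles are reversed and placed under ip6.arpa as RFC 3596 specifies, next to the IPv4 in-addr.arpa form and the inverse parse that recovers an address from a reverse name. It cross-checks itself against the standard library's `reverse_pointer`; the sample addresses are constructed documentation-range values.

```python
import ipaddress


def reverse_name(addr):
    """Build the PTR query name for an IPv4 or IPv6 address.
    IPv4: reversed dotted quad under in-addr.arpa.
    IPv6 (RFC 3596): expand to 32 hex nibbles, reverse, place under ip6.arpa."""
    ip = ipaddress.ip_address(addr)
    if ip.version == 4:
        labels = str(ip).split(".")[::-1]
        return ".".join(labels) + ".in-addr.arpa"
    # ip.exploded is the fully expanded, zero-padded form, e.g.
    # 2001:0db8:0000:0000:0000:0000:0000:0001, so stripping the colons
    # leaves exactly the 32 nibbles the message talks about.
    nibbles = ip.exploded.replace(":", "")
    assert len(nibbles) == 32, "expanded IPv6 address must have 32 nibbles"
    return ".".join(reversed(nibbles)) + ".ip6.arpa"


def address_from_reverse_name(name):
    """Inverse of reverse_name: recover the address (in canonical text form)
    from an in-addr.arpa or ip6.arpa name. Raises ValueError on bad input."""
    name = name.rstrip(".").lower()
    if name.endswith(".in-addr.arpa"):
        labels = name[: -len(".in-addr.arpa")].split(".")
        if len(labels) != 4:
            raise ValueError("in-addr.arpa name must have four labels")
        return str(ipaddress.IPv4Address(".".join(labels[::-1])))
    if name.endswith(".ip6.arpa"):
        nibbles = name[: -len(".ip6.arpa")].split(".")
        if len(nibbles) != 32 or any(len(n) != 1 for n in nibbles):
            raise ValueError("ip6.arpa name must have 32 single-nibble labels")
        hexstr = "".join(nibbles[::-1])
        groups = [hexstr[i:i + 4] for i in range(0, 32, 4)]
        return str(ipaddress.IPv6Address(":".join(groups)))
    raise ValueError("not a reverse name")


def matches_stdlib(addr):
    """Cross-check against the standard library's own reverse_pointer."""
    return reverse_name(addr) == ipaddress.ip_address(addr).reverse_pointer


if __name__ == "__main__":
    for a in ("192.0.2.1", "2001:db8::1", "::1"):   # constructed sample addresses
        print(a, "->", reverse_name(a), "->", address_from_reverse_name(reverse_name(a)))
```

The round trip through `address_from_reverse_name` is the check jah describes doing by hand ("produces the string it's supposed to"): if the inverse parse does not give back the canonical address, the nibble order or padding is wrong.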

------------------------------

Message: 6
Date: Fri, 15 Aug 2008 04:25:35 +0100
From: jah <jah () zadkiel plus com>
Subject: Re: NMAP scripts
To: adam.bull () bt com
Cc: nmap-dev () insecure org
Message-ID: <48A4F72F.8000108 () zadkiel plus com>
Content-Type: text/plain; charset=ISO-8859-1

On 14/08/2008 10:16, adam.bull () bt com wrote:
> Hi guys
>
> Not a fault as such, more of a question / recommendation: I want to be able
> to run the nmap script WHOIS and harvest a list of IP addresses in a range but I
> don't want to connect to the targets at all - just run the script!
>
> I've looked through the help file and there seems to be no way I
> can just run the script without having to at least ping or send a "-sS
> -p80".  Is it possible to run the script without having to make any
> connection to the target?  Kinda the opposite of what nmap was built for, but hey.
Hi Adam,

At present, I believe that there isn't a way to run an NSE script
without scanning/pinging a target.  NSE scripts depend on nmap for their
targets (and some functionality not found in Lua) so it would require a
good deal of hacking to run the script apart from nmap - you'd be better
off scripting something with perl Net::Whois or some java-based command
line client <http://www.skytouch.com/soft/java/whois.html>.

Perhaps you'd be willing to scan your targets with a spoofed public IP
address.  Something along the lines of

nmap <target> -sS -p80 --max-retries 0 -n -PN -e <your-interface-name> -S 66.249.67.205 -v --script whois

Regards,

jah


------------------------------

Message: 7
Date: Thu, 14 Aug 2008 20:32:13 -0700
From: Fyodor <fyodor () insecure org>
Subject: Re: Nmap summarizing function results in not all ports being
        displayed
To: jayrhine () comcast net
Cc: nmap-dev () insecure org
Message-ID: <20080815033213.GV5540 () syn lnxnet net>
Content-Type: text/plain; charset=us-ascii

On Tue, Aug 12, 2008 at 01:57:44PM +0000, jayrhine () comcast net wrote:
> Myself and others have had the issue in the past that when
> performing scans with Nmap on systems that have many open udp ports,
> the port details will not be displayed.  This does not usually affect
> tcp ports since they will typically be discovered as open (which is
> always reported).  However, since UDP usually reports open ports as
> "open|filtered", this may result in ports not being displayed.
> Now, I understand this is not a bug, but rather a design choice, but
> I think it would be beneficial to make this adjustable.

OK Jay.  I've checked in a change to svn so that if verbose mode is at
least 3 or debugging level is at least three, Nmap will show all of
the open|filtered ports rather than collapse them for readability.
You can test it with the command "nmap -sU -T4 -vvv scanme.nmap.org".

Cheers,
-F
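The behaviour Fyodor describes, collapsing the dominant non-open state into a "Not shown" line unless -vvv or -d3 is in effect, is easy to get wrong when writing your own scan post-processing, so here is a simplified model of it as an added example (my own code, not the change checked into Nmap's svn, and not a reproduction of Nmap's actual summarization rules). The port list is constructed: a UDP host with three open services, twenty ports that never answered (open|filtered) and one that returned port-unreachable (closed).

```python
from collections import Counter

# Constructed sample scan result: (port, protocol, state).
SAMPLE_PORTS = (
    [(53, "udp", "open"), (123, "udp", "open"), (161, "udp", "open")]
    + [(p, "udp", "open|filtered") for p in range(1000, 1020)]
    + [(1021, "udp", "closed")]
)


def choose_hidden_state(ports, verbosity=0, debugging=0, min_collapse=2):
    """Pick the state to collapse into a 'Not shown' line, or None.
    Simplified model of message 7: the most common non-open state is
    collapsed for readability unless verbosity >= 3 or debugging >= 3;
    open ports are always listed. min_collapse is an assumed threshold."""
    if verbosity >= 3 or debugging >= 3:
        return None
    counts = Counter(state for _, _, state in ports if state != "open")
    if not counts:
        return None
    state, n = counts.most_common(1)[0]
    return state if n >= min_collapse else None


def render(ports, verbosity=0, debugging=0):
    """Return the port table as a list of lines laid out like nmap's output."""
    hidden = choose_hidden_state(ports, verbosity, debugging)
    lines = []
    if hidden is not None:
        n = sum(1 for _, _, s in ports if s == hidden)
        lines.append(f"Not shown: {n} {hidden} ports")
    lines.append("PORT".ljust(10) + "STATE".ljust(15) + "SERVICE")
    for port, proto, state in sorted(ports):
        if state == hidden:
            continue
        lines.append(f"{port}/{proto}".ljust(10) + state.ljust(15) + "unknown")
    return lines


if __name__ == "__main__":
    print("\n".join(render(SAMPLE_PORTS)))
    print()
    print("\n".join(render(SAMPLE_PORTS, verbosity=3)))   # the -vvv case
```

The point for anyone parsing nmap's normal output rather than its XML: the "Not shown" line carries a count, not the port numbers, so a tool that needs every open|filtered port must either request -vvv as the message says or, better, read the XML output where nothing is collapsed into a summary.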


------------------------------

Message: 8
Date: Fri, 15 Aug 2008 01:03:07 -0300
From: eldraco <eldraco () gmail com>
Subject: Re: NMAP scripts
To: nmap-dev () insecure org
Cc: jah <jah () zadkiel plus com>, adam.bull () bt com
Message-ID: <200808150103.08272.eldraco () gmail com>
Content-Type: text/plain;  charset="iso-8859-1"

Ok Adam, this is ugly but it should work if you are willing to do it...

1- iptables -A OUTPUT -p tcp --dport 23022 -j DROP
2- nmap -sS -p23022 -PN -n -v xx.xx.xx.xx --script=/usr/local/share/nmap/scripts/whois.nse

Result:
1- no packets sent to xx.xx.xx.xx
2- whois executed right
3- quick


For example:
nmap -sS -p23022 -PN -n -v scanme.insecure.org --script=/usr/local/share/nmap/scripts/whois.nse

Starting Nmap 4.68 ( http://nmap.org ) at 2008-08-15 01:00 ART
Initiating SYN Stealth Scan at 01:00
Scanning 64.13.134.52 [1 port]
sendto in send_ip_packet: sendto(5, packet, 44, 0, 64.13.134.52, 16) => Operation not permitted
Offending packet: TCP me.me.me.me:52335 > 64.13.134.52:23022 S ttl=52 id=49065 iplen=44  seq=1763118709 win=1024 <mss 1460>
sendto in send_ip_packet: sendto(5, packet, 44, 0, 64.13.134.52, 16) => Operation not permitted
Offending packet: TCP me.me.me.me:52336 > 64.13.134.52:23022 S ttl=37 id=17732 iplen=44  seq=1763053172 win=2048 <mss 1460>
Completed SYN Stealth Scan at 01:00, 2.02s elapsed (1 total ports)
SCRIPT ENGINE: Initiating script scanning.
Initiating SCRIPT ENGINE at 01:00
Completed SCRIPT ENGINE at 01:00, 0.91s elapsed
Host 64.13.134.52 appears to be up ... good.
Interesting ports on 64.13.134.52:
PORT      STATE    SERVICE
23022/tcp filtered unknown

Host script results:
|  Whois: Record found at whois.arin.net
|  netrange: 64.13.134.0 - 64.13.134.63
|  netname: NET-64-13-143-0-26
|  orgname: Titan Networks
|  orgid: INSEC
|  country: US stateprov: CA
|  orgtechname: Hostmaster
|_ orgtechemail: hostmaster () titan net

Read data files from: /usr/local/share/nmap
Nmap done: 1 IP address (1 host up) scanned in 3.01 seconds
           Raw packets sent: 0 (0B) | Rcvd: 0 (0B)



I said, it is ugly.

hope that helps 

cheers
eldraco






-- 
Ing. Sebastián García
http://minsky.surfnet.nl:11371/pks/lookup?op=get&search=0x3E42ED27F864EDE6


------------------------------

_______________________________________________
nmap-dev mailing list
nmap-dev () insecure org
http://cgi.insecure.org/mailman/listinfo/nmap-dev


End of nmap-dev Digest, Vol 41, Issue 20
****************************************



      

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org

